Skip to content
    July 22, 2025

    Alcatraz Product Update: Q1/Q2 2025

    At Alcatraz, we believe that biometric access control shouldn’t be a one-time deployment, it should continuously evolve. That’s why our approach is built around Facial Authentication as a Service (FAaaS): a model where both the Alcatraz platform and our biometric hardware devices improve over time through regular updates.

    In the first half of 2025, we have delivered a range of customer-driven enhancements that bring greater privacy, flexibility, convenience, security, and performance. Below are the highlights, with the full set of updates available in our release notes.

    These features will be available to all Alcatraz customers, with the release scheduled for on-premise systems on July 30 and cloud environments on August 4.

    Final Product update Alcatraz

    Privacy: Empowering Consent and Data Control

    Opt-In Biometric Processing (2FA Applications Only)
    If you use card readers with your Rock devices and have enabled two-factor authentication, you can now apply an optional policy that limits biometric matching to cardholders who are already enrolled. Biometric data is only saved after a card is presented and verified as linked to an active profile. This gives you stronger control over how biometric authentication is applied at the edge, helping support opt-in privacy standards where required.

    Note: This feature is intended for deployments with specific regulatory or contractual opt-in mandates.

    Custom Docusign Consent (Cloud & On-Prem)
    You can now collect biometric consent from their end users using their own Docusign accounts, giving greater control over consent workflows and legal language whether deployed on-prem or in the cloud.

    Flexibility: Adapting to Enterprise Workflows and Infrastructure

    Adaptive 2FA
    Adaptive 2FA builds on Alcatraz’s personalized authentication capabilities by using device-level intelligence to tailor security based on individual profiles. It allows organizations to enable face-only access for a limited group of trusted individuals—such as VIPs or high-clearance personnel, while maintaining two-factor authentication (2FA) for everyone else. This ensures frictionless access for high-profile users without compromising the organization’s broader security posture.For broader user control, our existing biometric opt-in/out feature enables organizations to customize who is enrolled, how biometric data is processed, and when it’s discarded, offering powerful flexibility for privacy and compliance needs across all user types.

    SIP Intercom Support
    Customers can now integrate SIP-based intercom systems directly with the Alcatraz platform, enabling two-way communication and providing a customizable, flexible voice access layer at access points. This capability activates the Rock X device’s built-in SIP intercom hardware.

    RightCrowd Integration
    Alcatraz provides a seamless integration with RightCrowd, a leading Physical Identity & Access Management (PIAM) provider, allowing joint customers to streamline identity governance, synchronize personnel data, and scale biometric authentication across large enterprise environments.

    Web Enrollment for On-Prem
    Alcatraz now supports web enrollment for on-prem deployments while you retain complete infrastructure control. Customers can streamline onboarding by using their own SMTP server to send enrollment invitations, accelerating rollout without compromising security or flexibility.

    Convenience: Streamlining Operations & Maintenance

    Rock Maintenance Mode
    If you have enabled the optional reset-on-tamper feature, which triggers a factory reset if an internal tamper is detected, Rock Maintenance Mode provides a safer way to perform scheduled servicing. Admins can now place Rock devices into maintenance mode for a defined period (1 to 24 hours), preventing the reset behavior during that window while continuing to log all tamper alerts. This reduces the risk of unintended resets during maintenance activities and helps streamline site operations.

    Visitor Management Automation (C•CURE Only)
    For customers using the C•CURE integration, visitor profiles can now be automatically flagged and managed based on ACS parameters. This reduces manual effort for front desk and security teams and ensures that visitors are handled consistently and in alignment with defined access policies from the moment they arrive.

    Profile Provisioning Visibility
    Admins can now view a list of devices where a specific biometric profile has been provisioned directly within that profile’s management page. This supports better troubleshooting and lifecycle management without exposing any profile lists at the device level, preserving Alcatraz’s privacy-by-design architecture.

    Security: Enforcing Stronger Access Control

    Auto Deletion of Disabled Profiles (C•CURE Integration Only)
    If using the C•CURE integration, biometric profiles can now be automatically deleted when a card holder is disabled in the ACS following a configurable delay. This helps enforce clean off-boarding practices and supports compliance with data retention and privacy policies.

    TOTP 2FA using Authenticator Apps for Admin Portal Login
    We’ve added time-based one-time password (TOTP) authentication using apps such as Google Authenticator or Microsoft Authenticator for admin access to the Alcatraz Admin Portal - bringing it in line with best practices for secure identity management.

    Performance: Boosting Speed, Accuracy & Stability

    Enhanced Tailgating Detection
    We introduced a new AI model that improves real world tailgating detection performance helping to identify unauthorized entry attempts while ensuring a seamless experience for authorized users.

    Improved Device Behavior for Real World Use Cases
    Refinements to how Rock devices handle badge presentations especially for users wearing lanyards to reduce false readings and authentication friction.

    Reader Group Persistence (C•CURE Integration Only)
    For customers using C•CURE, reader access group assignments are now preserved even if the ACS disconnects or restarts. This ensures uninterrupted access for authorized users during network outages or scheduled ACS maintenance, reducing operational disruption and access control gaps.

    Security Event Retention Policy
    Customers can now configure retention policies for security logs, helping maintain server performance and storage health without sacrificing visibility. This gives IT teams better control over system health while retaining necessary audit trails.

    Robust Card holder-Biometric Linking
    Improvements in how biometric profiles link to card holder records ensure faster updates, stronger data consistency, and higher throughput at scale.

    What This Means for You

    Whether you're managing biometric enrollment across global sites, tightening access for compliance, or replacing/augmenting badges with facial authentication, these updates are built to make your work simpler, spaces safer, and access control smarter. Let’s Rock.

    Tag(s): Blog

    Other posts you might be interested in

    View All Posts